This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.mft File: TkJsh9-8xVLceQ_sPtHN56j4huk.mft (raw, json) Hash identifier: 3ypdpt+oXSQcTYhyaskobhyeBP4QmvOmFm8XhqfGd9w= Subject key identifier: E8:35:00:50:06:E9:A4:83:B2:74:2A:0F:8B:91:74:4C:79:03:55:8D Authority key identifier: 4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9 Certificate issuer: /CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9 Certificate serial: 019AF12DD352988C7ADBD1673B02FE4EB4FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.mft Manifest number: 0A9F Signing time: Sat 06 Dec 2025 01:01:43 +0000 Manifest this update: Sat 06 Dec 2025 01:01:43 +0000 Manifest next update: Sun 07 Dec 2025 01:01:43 +0000 Files and hashes: 1: TkJsh9-8xVLceQ_sPtHN56j4huk.crl (hash: 0setgfLBNooc91g2bxNTWBoS2rWLLjRwTYA38XDTwJM=) 2: o1pkGMrhjFIHajUuas6hn3OkprM.roa (hash: vhDUewSi85hdhWxPSoEhr0a9lvOVAXD09OTRvqe5guU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.crl rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.mft rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d3:52:98:8c:7a:db:d1:67:3b:02:fe:4e:b4:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9 Validity Not Before: Dec 6 01:01:43 2025 GMT Not After : Dec 7 01:01:43 2025 GMT Subject: CN=e835005006e9a483b2742a0f8b91744c7903558d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:d1:ad:c8:27:05:29:15:3e:17:bf:66:8c:95: b1:dd:29:9e:ab:8c:71:8f:83:ee:7c:49:4e:f2:0e: 2b:d2:f5:2b:25:69:ea:08:22:9a:ed:61:ce:d6:42: cd:4a:ec:37:e9:7d:4a:31:2a:8c:2e:78:8e:ba:57: 5d:14:5e:ed:4c:71:e0:3d:1a:b0:f1:61:13:56:59: 58:f8:c7:d7:39:60:ce:fd:d7:1f:e4:dc:99:5d:d3: 51:a3:91:18:d4:d1:f4:d2:a5:54:84:e1:f2:fa:dd: 52:40:b9:4a:b3:1b:30:5a:81:c5:1b:fc:3b:2c:7e: 69:65:61:fa:0b:e8:be:ec:fe:57:09:15:79:79:de: 58:e0:6e:12:2e:1b:15:c0:f5:6d:bb:89:89:f5:57: be:cd:78:f2:e4:ec:a3:6b:f1:19:c8:f4:05:22:c0: c2:4c:7c:21:57:2a:db:d2:d1:a4:9c:6e:c3:52:72: c6:30:c4:f3:f8:c5:15:95:d4:f9:0f:34:6c:8c:57: f2:2e:0c:6a:15:7c:f9:bf:1b:a2:30:f6:22:5e:15: a3:09:c0:99:41:67:4f:67:c6:87:e7:27:68:58:13: 0c:d7:2c:88:f8:1f:35:a9:5d:59:04:02:49:81:cf: 03:14:97:05:8b:b2:45:47:b8:b9:05:01:e8:0c:63: bd:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:35:00:50:06:E9:A4:83:B2:74:2A:0F:8B:91:74:4C:79:03:55:8D X509v3 Authority Key Identifier: keyid:4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:f3:82:9a:87:5f:bd:a7:4a:77:15:80:b2:3e:bb:7c:1f:e7: 89:68:ec:bf:80:46:9d:1c:1a:79:96:5a:28:46:10:5d:57:13: 48:5e:7d:d9:49:ab:f2:f5:50:7c:2e:cf:51:c2:ab:0e:85:ef: aa:b9:e1:f0:02:0a:23:53:c5:00:63:34:6e:74:fc:cc:62:31: 88:31:86:11:fc:5d:b6:f3:63:28:3c:dd:28:5c:36:4f:53:9f: 15:aa:bc:2e:4d:0e:71:a6:58:7f:86:eb:db:22:f5:ac:fb:79: 92:20:40:22:d3:95:e1:8a:73:2e:b4:f2:b1:7c:7d:50:05:4c: 2e:c6:7a:02:44:35:0a:98:fe:45:db:56:ee:dc:3e:18:b3:01: f1:dc:e2:11:36:d2:6e:7e:a2:ad:02:cd:59:07:a0:46:18:19: 9d:02:9e:a8:8b:ad:de:01:f2:d1:9e:f0:ff:8c:90:65:09:78: bf:dd:47:f2:20:98:cd:10:48:8d:b4:8f:f8:46:6f:7b:fd:8e: 90:ac:b4:bb:11:44:7e:35:8f:ee:e6:69:f0:5c:6c:e5:6b:23: 94:d1:9c:e7:a9:1d:3f:8d:56:80:f9:66:c9:31:85:73:a7:55: b3:29:05:72:f4:f3:7a:cf:06:ed:9e:90:1b:dc:2f:3b:f6:16: 17:3b:63:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdNSmIx629FnOwL+TrT/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlNDI2Yzg3ZGZiY2M1NTJkYzc5MGZlYzNlZDFjZGU3YThm ODg2ZTkwHhcNMjUxMjA2MDEwMTQzWhcNMjUxMjA3MDEwMTQzWjAzMTEwLwYDVQQD EyhlODM1MDA1MDA2ZTlhNDgzYjI3NDJhMGY4YjkxNzQ0Yzc5MDM1NThkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdGtyCcFKRU+F79mjJWx3Smeq4xx j4PufElO8g4r0vUrJWnqCCKa7WHO1kLNSuw36X1KMSqMLniOulddFF7tTHHgPRqw 8WETVllY+MfXOWDO/dcf5NyZXdNRo5EY1NH00qVUhOHy+t1SQLlKsxswWoHFG/w7 LH5pZWH6C+i+7P5XCRV5ed5Y4G4SLhsVwPVtu4mJ9Ve+zXjy5Oyja/EZyPQFIsDC THwhVyrb0tGknG7DUnLGMMTz+MUVldT5DzRsjFfyLgxqFXz5vxuiMPYiXhWjCcCZ QWdPZ8aH5ydoWBMM1yyI+B81qV1ZBAJJgc8DFJcFi7JFR7i5BQHoDGO9RwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOg1AFAG6aSDsnQqD4uRdEx5A1WNMB8GA1UdIwQY MBaAFE5CbIffvMVS3HkP7D7Rzeeo+IbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDct MTNkYTc0Y2QzNWE0LzEvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDctMTNkYTc0Y2QzNWE0 LzEvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgfOCmodf vadKdxWAsj67fB/niWjsv4BGnRwaeZZaKEYQXVcTSF592Umr8vVQfC7PUcKrDoXv qrnh8AIKI1PFAGM0bnT8zGIxiDGGEfxdtvNjKDzdKFw2T1OfFaq8Lk0OcaZYf4br 2yL1rPt5kiBAItOV4YpzLrTysXx9UAVMLsZ6AkQ1Cpj+RdtW7tw+GLMB8dziETbS bn6irQLNWQegRhgZnQKeqIut3gHy0Z7w/4yQZQl4v91H8iCYzRBIjbSP+EZve/2O kKy0uxFEfjWP7uZp8Fxs5WsjlNGc56kdP41WgPlmyTGFc6dVsykFcvTzes8G7Z6Q G9wvO/YWFztjRA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:45:52 2025 by rpki-client